Re: IPsec PKIX profile draft
Russ Housley <housley@vigilsec.com> Mon, 05 May 2003 05:28 UTC
Received: from above.proper.com (mail.proper.com [208.184.76.45]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id BAA13491 for <pkix-archive@lists.ietf.org>; Mon, 5 May 2003 01:28:50 -0400 (EDT)
Received: from above.proper.com (localhost [127.0.0.1]) by above.proper.com (8.12.8p1/8.12.8) with ESMTP id h454Thi2038072 for <ietf-pkix-bks@above.proper.com>; Sun, 4 May 2003 21:29:43 -0700 (PDT) (envelope-from owner-ietf-pkix@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.8p1/8.12.9/Submit) id h454Th44038071 for ietf-pkix-bks; Sun, 4 May 2003 21:29:43 -0700 (PDT)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-pkix@mail.imc.org using -f
Received: from woodstock.binhost.com (woodstock.binhost.com [207.228.252.5]) by above.proper.com (8.12.8p1/8.12.8) with SMTP id h454Tgi2038066 for <ietf-pkix@imc.org>; Sun, 4 May 2003 21:29:42 -0700 (PDT) (envelope-from housley@vigilsec.com)
Received: (qmail 27786 invoked by uid 0); 5 May 2003 04:29:01 -0000
Received: from unknown (HELO Russ-Laptop.vigilsec.com) (64.134.126.230) by woodstock.binhost.com with SMTP; 5 May 2003 04:29:01 -0000
Message-Id: <5.2.0.9.2.20030505002216.0194d4e8@mail.binhost.com>
X-Sender: housley@mail.binhost.com
X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9
Date: Mon, 05 May 2003 00:24:49 -0400
To: ietf-pkix@imc.org
From: Russ Housley <housley@vigilsec.com>
Subject: Re: IPsec PKIX profile draft
In-Reply-To: <200305040154.h441sKs4039042@oe8.briank.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Sender: owner-ietf-pkix@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Steve Bellovin and myself would like to see support for certificates in IKEv2 become a SHOULD requirement. The authors of this specification believe that it could apply to IKEv1 as well as IKEv2. Perhaps all we need to do is reference this document. Please review it. Russ At 03:19 PM 5/2/2003 -0700, Brian Korver wrote: >For those of you who aren't on the IPsec list, I'd like to >mention that a new revision of the IPsec PKIX profile draft >is available. > > http://www.ietf.org/internet-drafts/draft-ietf-ipsec-pki-profile-02.txt > >This document would benefit greatly from review by additional >PKI experts and vendors, especially those who are familiar with >IPsec PKI deployment issues. Comments should be sent to the >ipsec@lists.tislabs.com mailing list. > >-brian >briank@briank.com
- IPsec PKIX profile draft Brian Korver
- Request for CA Trust Evaluation Hamid Asadi
- Re: IPsec PKIX profile draft Russ Housley